Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/thK4vD78f8v4gCWxj_Ei1IwyzJo.roa
File: thK4vD78f8v4gCWxj_Ei1IwyzJo.roa (raw, json)
Hash identifier: RvhClnjfOvWeN70cTFrBXZrHMmqGwq79TOo0pXOS1IA=
Subject key identifier: B6:12:B8:BC:3E:FC:7F:CB:F8:80:25:B1:8F:F1:22:D4:8C:32:CC:9A
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 018E3C3D296F0891FF5B354994DED8F3FC47
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/thK4vD78f8v4gCWxj_Ei1IwyzJo.roa
Signing time: Thu 14 Mar 2024 09:13:44 +0000
ROA not before: Thu 14 Mar 2024 09:13:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 91.193.254.0/24 maxlen: 24
91.193.255.0/24 maxlen: 24
93.89.219.0/24 maxlen: 24
93.89.221.0/24 maxlen: 24
93.89.222.0/24 maxlen: 24
93.89.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.mft
rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 06:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3c:3d:29:6f:08:91:ff:5b:35:49:94:de:d8:f3:fc:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Mar 14 09:13:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b612b8bc3efc7fcbf88025b18ff122d48c32cc9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7f:28:a0:b3:c9:d0:54:03:5b:97:e1:51:b0:
42:ef:46:dc:62:23:30:e5:b8:a3:bc:e0:0a:71:5b:
8e:32:f5:c0:a2:9b:b6:9c:8e:82:40:67:4b:9b:b0:
86:f9:7f:0e:87:c5:c0:68:42:c7:a8:53:b6:6f:0f:
68:0f:61:b1:33:1a:f4:0d:e8:62:f4:e5:da:9c:36:
28:ae:22:05:39:62:1e:f2:e2:d2:d2:5a:36:1a:2b:
26:e0:eb:a2:ea:41:4f:6e:80:40:ea:7e:e2:91:a0:
f5:04:54:59:f9:4f:57:b6:80:92:24:02:1d:5a:2d:
f5:4a:9b:d3:d5:3f:c5:b3:d1:77:9f:bf:83:bb:85:
0a:04:91:96:b3:1e:5a:c1:01:a3:77:78:0d:b7:e2:
cd:a9:c2:88:38:87:c6:56:c5:59:45:8c:ac:aa:ab:
b2:7e:f2:93:1f:2b:1e:35:86:98:4b:e5:33:43:f9:
7a:e1:60:0d:b9:ba:b3:b4:09:c3:4c:5a:bf:00:76:
1f:93:97:97:6b:1f:eb:28:c9:cd:a3:50:19:05:d8:
1d:80:2b:6f:59:5e:3a:89:a7:66:aa:1a:4d:0b:15:
89:f8:33:b4:20:06:88:eb:8f:ee:e9:ac:f6:3d:3a:
00:3c:8d:58:85:d3:39:e9:50:06:24:f9:5a:8b:4b:
c4:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:12:B8:BC:3E:FC:7F:CB:F8:80:25:B1:8F:F1:22:D4:8C:32:CC:9A
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/thK4vD78f8v4gCWxj_Ei1IwyzJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.254.0/23
93.89.219.0/24
93.89.221.0-93.89.223.255
Signature Algorithm: sha256WithRSAEncryption
c6:ca:d1:ec:e0:1d:b5:6c:84:33:2c:41:87:93:13:3e:a7:24:
50:ac:b0:6b:9b:f0:38:04:84:51:28:74:4f:3d:d8:a8:c8:a2:
e6:17:a1:06:8b:4b:58:b3:bb:8d:42:36:f3:0d:f3:9e:b2:82:
0d:d8:5b:e5:b2:f3:4e:fb:03:23:9c:90:01:e7:51:a7:d0:19:
85:d7:8a:d1:7d:cc:d3:72:bb:c0:c2:ed:44:30:d0:bf:4c:6b:
fb:5a:28:2e:2b:22:a1:d1:de:5f:35:4b:19:bf:bf:8b:3e:9c:
db:f3:d3:b3:25:4f:b3:87:40:74:ca:8f:05:36:23:c7:d9:72:
80:07:36:1d:2e:16:5e:18:d7:1a:5f:86:3b:0d:54:de:2e:0b:
10:a4:05:63:dd:dd:02:9e:26:77:c2:1b:b5:42:84:f9:e1:12:
50:e7:6e:88:bd:3f:1e:f0:16:54:2a:e9:cc:a5:6d:35:0f:a9:
0d:26:9d:5d:63:f1:fb:47:6a:fd:74:d2:a7:e8:12:8c:dc:bd:
a6:7c:62:66:34:b7:87:a8:23:54:2c:ac:44:a2:f5:cc:50:bd:
b7:06:00:92:10:c4:ce:01:2f:a2:d2:d0:1d:02:b9:79:4b:1d:
60:86:27:91:09:bf:52:61:59:78:1c:9a:73:74:b7:55:15:e7:
0a:84:7f:24
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY48PSlvCJH/WzVJlN7Y8/xHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjQwMzE0MDkxMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjEyYjhiYzNlZmM3ZmNiZjg4MDI1YjE4ZmYxMjJkNDhjMzJjYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzH8ooLPJ0FQDW5fhUbBC70bcYiMw
5bijvOAKcVuOMvXAopu2nI6CQGdLm7CG+X8Oh8XAaELHqFO2bw9oD2GxMxr0Dehi
9OXanDYoriIFOWIe8uLS0lo2Gism4Oui6kFPboBA6n7ikaD1BFRZ+U9XtoCSJAId
Wi31SpvT1T/Fs9F3n7+Du4UKBJGWsx5awQGjd3gNt+LNqcKIOIfGVsVZRYysqquy
fvKTHyseNYaYS+UzQ/l64WANubqztAnDTFq/AHYfk5eXax/rKMnNo1AZBdgdgCtv
WV46iadmqhpNCxWJ+DO0IAaI64/u6az2PToAPI1YhdM56VAGJPlai0vETQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLYSuLw+/H/L+IAlsY/xItSMMsyaMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvdGhLNHZENzhmOHY0Z0NXeGpfRWkxSXd5ekpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBW8H+AwQA
XVnbMAwDBABdWd0DBAVdWcAwDQYJKoZIhvcNAQELBQADggEBAMbK0ezgHbVshDMs
QYeTEz6nJFCssGub8DgEhFEodE892KjIouYXoQaLS1izu41CNvMN856ygg3YW+Wy
8077AyOckAHnUafQGYXXitF9zNNyu8DC7UQw0L9Ma/taKC4rIqHR3l81Sxm/v4s+
nNvz07MlT7OHQHTKjwU2I8fZcoAHNh0uFl4Y1xpfhjsNVN4uCxCkBWPd3QKeJnfC
G7VChPnhElDnboi9Px7wFlQq6cylbTUPqQ0mnV1j8ftHav100qfoEozcvaZ8YmY0
t4eoI1QsrESi9cxQvbcGAJIQxM4BL6LS0B0CuXlLHWCGJ5EJv1JhWXgcmnN0t1UV
5wqEfyQ=
-----END CERTIFICATE-----
Generated at Sun Jun 2 16:04:32 2024 by rpki-client on console-ams.rpki-client.org